VXLAN NOTES

• Uses UDP-4789
• VXLAN headers add 50 bytes to the original frame
• Oreilly course: https://github.com/vinugenie/VXLAN-EVPN-Deep-Dive-Training ; vxlanday137231677595753951.pdf

vni
(vxlan)
vtep
---->{[mac][ip][mac][ip]}

MAC addresses conveyed via bgp. Datacenter. At the end of the day these are knobs to avoid using L3!.

• ESI—An Ethernet segment must have a unique nonzero identifier, called the Ethernet segment identifier (ESI). The ESI is encoded as a 10-octet integer. When manually configuring an ESI value, the most significant octet, known as the type byte, must be 00. When a single-homed CE device is attached to an Ethernet segment, the entire ESI value is zero. The Ethernet segment of the multihomed Device CE1 has an ESI value of 00:11:22:33:44:55:66:77:88:99 assigned. The single-homed Device CE2 has an ESI value of 0.
• EVI—An EVPN instance (EVI) is an EVPN routing and forwarding instance spanning all the PE routers participating in that VPN. An EVI is configured on the PE routers on a per-customer basis. Each EVI has a unique route distinguisher and one or more route targets.An EVI is configured on Routers PE1, PE2, and PE3.
• Rest of the info in: https://www.juniper.net/documentation/en_US/junos/topics/concept/evpn-bgp-multihoming-overview.html

Forward BUM traffic:

• Multicast replication (underlay): todo
• Ingress Replication (aka Headend Replication): Is a unicast approach to handle multi-destination trafffic. Handling BUM traffic in a network using ingress replication involves an ingress device replicating every BUM packet and sending them as a separate unicast to the remote egress devices. Enable via Route Type 3 (RT3). See LINK

EVPN NOTES - RFC 7432
Simplifying to the maximum, we can say that EVPN is like L3VPN but for layer 2 (mac information). EVPN can be seen as a way to fix L2VPN problem with L3VPN techniques (proper mac learning (no bum flooding) and so on)
https://my.ipspace.net/bin/list?id=EVPN
It uses MP-BGP mechanism and defines a new sub-address family, EVPN address family, in the L2VPN address family.

• Route Types:

Summary:

• RT-2 for endpoint reachability. /32-MAC addresses.
• RT-3 for ‘flooding’ (replication lists)
• RT-4 for multihoming (more than 1 leave for one vtep)
• RT-5 for external networks (external routes and ‘unlearned’ hosts (ie those not know by the fabric but connected to the fabric))

Underlay/Ovelay - rule of thumb:

1. OSPF for underlay unless scalability requirements (ebgp with 1 asn per spine); then iBGP for overlay
2. If scalability important, do ebgp for the underlay (with one single asn for spines) then iBGP for overlay : spines to have allow-as

Design Goals

LEAF AND SPINE WITH ARISTA SWITCHES

show interfaces vxlan1
show vxlan address-table
show vxlan vni
show bgp evpn detail    # to see the evpn routes 
show bgp evpn route-type mac-ip/imet/ip-prefix    # to see the evpn rtypes 2,3,5

Models

LEAF AND SPINE WITH CISCO

show interface nve                     ! displays NVE (VXLAN tunnel) interface status
show interface nve detail              ! shows detailed info: packet counters, drops, state
show nve vni                           ! shows configured VNIs, their state, and bindings
show nve peers                         ! displays remote VTEPs (VXLAN Tunnel Endpoints)
show mac address-table dynamic         ! lists learned MACs, including VXLAN-related ones

show ip route vrf <VRF>                ! checks reachability within a VXLAN-associated VRF
show arp vrf <VRF>                     ! shows ARP table entries for a specific VRF

show l2route evpn mac all              ! shows learned MACs via EVPN control plane
show l2route evpn mac-ip all           ! includes MAC and IP bindings (Type 2 routes)

show bgp l2vpn evpn                    ! general overview of BGP EVPN routes
show bgp l2vpn evpn route-type mac-ip  ! EVPN Type 2: MAC + IP advertisement
show bgp l2vpn evpn route-type imet    ! EVPN Type 3: multicast replication group
show bgp l2vpn evpn route-type prefix  ! EVPN Type 5: IP prefix route info

Models